<!DOCTYPE html><html lang="zh-CN"><head><meta charset="UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="theme-color" content="#0078E7"><meta name="author" content="呆航"><meta name="copyright" content="呆航"><meta name="generator" content="Hexo 5.2.0"><meta name="theme" content="hexo-theme-yun"><title>bandit闯关记录 | 呆航的小站</title><link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Noto+Serif+SC:wght@900&amp;display=swap" media="print" onload="this.media='all'"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/star-markdown-css@0.1.25/dist/yun/yun-markdown.min.css"><script src="//at.alicdn.com/t/font_1140697_dxory92pb0h.js" async></script><script src="https://cdn.jsdelivr.net/npm/scrollreveal/dist/scrollreveal.min.js" defer></script><script>function initScrollReveal() {
  [".post-card",".post-content img"].forEach((target)=> {
    ScrollReveal().reveal(target);
  })
}
document.addEventListener("DOMContentLoaded", initScrollReveal);
document.addEventListener("pjax:success", initScrollReveal);
</script><link id="light-prism-css" rel="stylesheet" href="https://cdn.jsdelivr.net/npm/prismjs@latest/themes/prism.css" media="(prefers-color-scheme: light)"><link id="dark-prism-css" rel="stylesheet" href="https://cdn.jsdelivr.net/npm/prismjs@latest/themes/prism-tomorrow.css" media="(prefers-color-scheme: dark)"><link rel="icon" type="image/svg+xml" href="/yun.svg"><link rel="mask-icon" href="/yun.svg" color="#0078E7"><link rel="preload" href="/css/hexo-theme-yun.css" as="style"><link rel="preload" href="/js/utils.js" as="script"><link rel="preload" href="/js/hexo-theme-yun.js" as="script"><link rel="prefetch" href="/js/sidebar.js" as="script"><link rel="preconnect" href="https://cdn.jsdelivr.net" crossorigin><script id="yun-config">
    const Yun = window.Yun || {};
    window.CONFIG = {"hostname":"lqh827821562.gitee.io","root":"/","title":"呆航的小站","version":"1.7.0","mode":"auto","copycode":true,"page":{"isPost":true},"i18n":{"placeholder":"搜索...","empty":"找不到您查询的内容: ${query}","hits":"找到 ${hits} 条结果","hits_time":"找到 ${hits} 条结果（用时 ${time} 毫秒）"},"anonymous_image":"https://cdn.jsdelivr.net/gh/YunYouJun/cdn/img/avatar/none.jpg","say":{"api":"https://v1.hitokoto.cn","hitokoto":true},"algolia":{"appID":"E0XRZBP9EC","apiKey":"014277189b8673da64c5c3a931019c0e","indexName":"blog","hits":{"per_page":10}},"fireworks":{"colors":["102, 167, 221","62, 131, 225","33, 78, 194"]}};
  </script><link rel="stylesheet" href="/css/hexo-theme-yun.css"><script src="/js/utils.js"></script><script src="/js/hexo-theme-yun.js"></script><link rel="alternate" href="/atom.xml" title="呆航的小站" type="application/atom+xml"><link rel="preconnect" href="https://www.google-analytics.com" crossorigin><script async src="https://www.googletagmanager.com/gtag/js?id=UA-121354150-1"></script><script>if (CONFIG.hostname === location.hostname) {
}</script><script data-ad-client="ca-pub-2245427233262012" async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script><script>(function(){
})();</script><!-- Google Tag Manager --><script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-M9KWR9L');</script><!-- End Google Tag Manager --><meta name="description" content="最近也是要学习linux系统的操作，于是我又把以前没做完的bandit闯关拾起来重新做了一下，连接服务器的命令是ssh -p 2220 bandit0@bandit.labs.overthewire.org 第0关  这关很简单，输入ls显示制定工作目录下的内容，然后用cat来进行查看，得到了密码输入logout与服务器断开连接，进行下一关。 第1关  本关的难点在于密码放在一个叫做-的文件中，而">
<meta property="og:type" content="article">
<meta property="og:title" content="bandit闯关记录">
<meta property="og:url" content="http://lqh827821562.gitee.io/bandit%E9%97%AF%E5%85%B3%E8%AE%B0%E5%BD%95/index.html">
<meta property="og:site_name" content="呆航的小站">
<meta property="og:description" content="最近也是要学习linux系统的操作，于是我又把以前没做完的bandit闯关拾起来重新做了一下，连接服务器的命令是ssh -p 2220 bandit0@bandit.labs.overthewire.org 第0关  这关很简单，输入ls显示制定工作目录下的内容，然后用cat来进行查看，得到了密码输入logout与服务器断开连接，进行下一关。 第1关  本关的难点在于密码放在一个叫做-的文件中，而">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/01/e0692e03988b4b48.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/01/2aa371d347c83dc6.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/01/0eb5009e79895b08.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/01/b0d41fd61a1fc532.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/01/f96124c3f796a58e.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/01/8e37314473c5c2c9.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/01/4ef71a6d03d3d553.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/01/316d3bd7abe1f9ac.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2020/11/c16320590b984221.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2020/11/70dcb8c0246619da.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2020/11/280bc15287960366.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/1ec10866da2fa4ad.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/33d15cc87defa885.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/b7409a285819a695.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/22f5b5a41744817d.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/f440305628be8998.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/31acdb0e87bb286c.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/0655fde578c9b9e4.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/d66924098445abdb.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/f6f4e3c025e2383d.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/8ba899cc5955dec4.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/26c96c75dfe6cdd5.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/1e2e39a93c9b0c94.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/150312296a84f6c0.png">
<meta property="og:image" content="https://ftp.bmp.ovh/imgs/2021/04/d0e3de33821d3a0e.png">
<meta property="og:image" content="https://z3.ax1x.com/2021/10/08/59fiX6.png">
<meta property="og:image" content="https://z3.ax1x.com/2021/10/08/59fknK.png">
<meta property="article:published_time" content="2021-01-24T05:35:10.000Z">
<meta property="article:modified_time" content="2021-10-08T00:30:00.672Z">
<meta property="article:author" content="呆航">
<meta property="article:tag" content="linux">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://ftp.bmp.ovh/imgs/2021/01/e0692e03988b4b48.png"><script src="/js/ui/mode.js"></script></head><body><script defer src="https://cdn.jsdelivr.net/npm/animejs@latest"></script><script defer src="/js/ui/fireworks.js"></script><canvas class="fireworks"></canvas><div class="container"><a class="sidebar-toggle hty-icon-button" id="menu-btn"><div class="hamburger hamburger--spin" type="button"><span class="hamburger-box"><span class="hamburger-inner"></span></span></div></a><div class="sidebar-toggle sidebar-overlay"></div><aside class="sidebar"><script src="/js/sidebar.js"></script><ul class="sidebar-nav"><li class="sidebar-nav-item sidebar-nav-toc hty-icon-button sidebar-nav-active" data-target="post-toc-wrap" title="文章目录"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-list-ordered"></use></svg></li><li class="sidebar-nav-item sidebar-nav-overview hty-icon-button" data-target="site-overview-wrap" title="站点概览"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-passport-line"></use></svg></li></ul><div class="sidebar-panel" id="site-overview-wrap"><div class="site-info fix-top"><a class="site-author-avatar" href="/about/" title="呆航"><img width="96" loading="lazy" src="/images/avatar.png" alt="呆航"><span class="site-author-status" title="Looking for dawn.">🌑</span></a><div class="site-author-name"><a href="/about/">呆航</a></div><span class="site-name">呆航的小站</span><sub class="site-subtitle">All at sea.</sub><div class="site-desciption">希望能成为一个有趣的人</div></div><nav class="site-state"><a class="site-state-item hty-icon-button icon-home" href="/" title="首页"><span class="site-state-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-home-4-line"></use></svg></span></a><div class="site-state-item"><a href="/archives/" title="归档"><span class="site-state-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-archive-line"></use></svg></span><span 
class="site-state-item-count">42</span></a></div><div class="site-state-item"><a href="/categories/" title="分类"><span class="site-state-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-folder-2-line"></use></svg></span><span class="site-state-item-count">2</span></a></div><div class="site-state-item"><a href="/tags/" title="标签"><span class="site-state-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-price-tag-3-line"></use></svg></span><span class="site-state-item-count">9</span></a></div><a class="site-state-item hty-icon-button" target="_blank" rel="noopener" href="https://yun.yunyoujun.cn" title="文档"><span class="site-state-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-settings-line"></use></svg></span></a></nav><hr style="margin-bottom:0.5rem"><div class="links-of-author"><a class="links-of-author-item hty-icon-button" rel="noopener" href="tencent://message/?uin=827821562&amp;site=qq&amp;menu=yes" title="QQ" target="_blank" style="color:#12B7F5"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-qq-line"></use></svg></a></div><hr style="margin:0.5rem 1rem"><div class="links"><a class="links-item hty-icon-button" href="/links/" title="我的小伙伴们" style="color:dodgerblue"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-genderless-line"></use></svg></a></div><br><a class="links-item hty-icon-button" id="toggle-mode-btn" href="javascript:;" title="Mode" style="color: #f1cb64"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-contrast-2-line"></use></svg></a></div><div class="sidebar-panel sidebar-panel-active" id="post-toc-wrap"><div class="post-toc"><div class="post-toc-content"><ol class="toc"><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC0%E5%85%B3"><span class="toc-number">1.</span> <span class="toc-text">第0关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC1%E5%85%B3"><span class="toc-number">2.</span> <span 
class="toc-text">第1关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC2%E5%85%B3"><span class="toc-number">3.</span> <span class="toc-text">第2关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC3%E5%85%B3"><span class="toc-number">4.</span> <span class="toc-text">第3关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC4%E5%85%B3"><span class="toc-number">5.</span> <span class="toc-text">第4关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC5%E5%85%B3"><span class="toc-number">6.</span> <span class="toc-text">第5关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC6%E5%85%B3"><span class="toc-number">7.</span> <span class="toc-text">第6关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC7%E5%85%B3"><span class="toc-number">8.</span> <span class="toc-text">第7关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC8%E5%85%B3"><span class="toc-number">9.</span> <span class="toc-text">第8关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC9%E5%85%B3"><span class="toc-number">10.</span> <span class="toc-text">第9关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC10%E5%85%B3"><span class="toc-number">11.</span> <span class="toc-text">第10关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC11%E5%85%B3"><span class="toc-number">12.</span> <span class="toc-text">第11关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC12%E5%85%B3"><span class="toc-number">13.</span> <span class="toc-text">第12关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC13%E5%85%B3"><span class="toc-number">14.</span> <span class="toc-text">第13关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" 
href="#%E7%AC%AC14%E5%85%B3"><span class="toc-number">15.</span> <span class="toc-text">第14关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC15%E5%85%B3"><span class="toc-number">16.</span> <span class="toc-text">第15关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC16%E5%85%B3"><span class="toc-number">17.</span> <span class="toc-text">第16关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC17%E5%85%B3"><span class="toc-number">18.</span> <span class="toc-text">第17关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC18%E5%85%B3"><span class="toc-number">19.</span> <span class="toc-text">第18关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC19%E5%85%B3"><span class="toc-number">20.</span> <span class="toc-text">第19关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC20%E5%85%B3"><span class="toc-number">21.</span> <span class="toc-text">第20关</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%AC%AC21%E5%85%B3"><span class="toc-number">22.</span> <span class="toc-text">第21关</span></a></li></ol></div></div></div></aside><main class="sidebar-translate" id="content"><div id="post"><article class="hty-card post-block" itemscope itemtype="https://schema.org/Article"><link itemprop="mainEntityOfPage" href="http://lqh827821562.gitee.io/bandit%E9%97%AF%E5%85%B3%E8%AE%B0%E5%BD%95/"><span hidden itemprop="author" itemscope itemtype="https://schema.org/Person"><meta itemprop="name" content="呆航"><meta itemprop="description"></span><span hidden itemprop="publisher" itemscope itemtype="https://schema.org/Organization"><meta itemprop="name" content="呆航的小站"></span><header class="post-header"><h1 class="post-title" itemprop="name headline">bandit闯关记录</h1><div class="post-meta"><div class="post-time" style="display:block"><span 
class="post-meta-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-calendar-line"></use></svg></span> <time title="创建时间：2021-01-24 13:35:10" itemprop="dateCreated datePublished" datetime="2021-01-24T13:35:10+08:00">2021-01-24</time><span class="post-meta-divider">-</span><span class="post-meta-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-calendar-2-line"></use></svg></span> <time title="修改时间：2021-10-08 08:30:00" itemprop="dateModified" datetime="2021-10-08T08:30:00+08:00">2021-10-08</time></div><span class="post-count"><span class="post-symbolcount"><span class="post-meta-item-icon" title="本文字数"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-file-word-line"></use></svg></span> <span title="本文字数">1.5k</span><span class="post-meta-divider">-</span><span class="post-meta-item-icon" title="阅读时长"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-timer-line"></use></svg></span> <span title="阅读时长">5m</span></span></span><span class="post-busuanzi"><span class="post-meta-divider">-</span><span class="post-meta-item-icon" title="阅读次数"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-eye-line"></use></svg> <span id="busuanzi_value_page_pv"></span></span></span><div class="post-classify"><span class="post-tag"><a class="tag-item" href="/tags/linux/" style="--text-color:orange"><span class="post-meta-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-price-tag-3-line"></use></svg></span><span class="tag-name">linux</span></a></span></div></div></header><section class="post-body" itemprop="articleBody"><div class="post-content markdown-body" style="--smc-primary:#0078E7;"><p>最近也是要学习linux系统的操作，于是我又把以前没做完的<a target="_blank" rel="noopener" href="https://overthewire.org/wargames/bandit/bandit0.html">bandit闯关</a>拾起来重新做了一下，<br>连接服务器的命令是<code>ssh -p 2220 bandit0@bandit.labs.overthewire.org</code></p>
<h2 id="第0关"><a href="#第0关" class="headerlink" title="第0关"></a>第0关</h2><p>  这关很简单，输入ls显示指定工作目录下的内容，然后用cat来进行查看，得到了密码后输入<code>logout</code>与服务器断开连接，进行下一关。<br><img src="https://ftp.bmp.ovh/imgs/2021/01/e0692e03988b4b48.png" loading="lazy"></p>
<h2 id="第1关"><a href="#第1关" class="headerlink" title="第1关"></a>第1关</h2><p>  本关的难点在于密码放在一个叫做-的文件中，而直接cat - 是打不开的，因为cat会把单独的-当作标准输入而一直等待键盘输入。通过网上查询<a target="_blank" rel="noopener" href="https://tldp.org/LDP/abs/html/special-chars.html">资料</a>，需要把命令改成cat ./-；终止卡住的命令按下Ctrl+c<br><img src="https://ftp.bmp.ovh/imgs/2021/01/2aa371d347c83dc6.png" loading="lazy"></p>
<h2 id="第2关"><a href="#第2关" class="headerlink" title="第2关"></a>第2关</h2><p>  本关的难点在于密码在一个叫做spaces in this filename 的文件中，因为文件名里有空格，直接使用cat指令是打不开的（shell会把它拆成多个参数），所以再查<a target="_blank" rel="noopener" href="https://tldp.org/LDP/abs/html/special-chars.html">资料</a>，知道了需要转义字符\，让shell把紧跟其后的空格当作普通字符。<br>  小贴士：输入完cat和空格后按下第一个字母后按Tab键会自动补全，并且自动添加转义字符<br><img src="https://ftp.bmp.ovh/imgs/2021/01/0eb5009e79895b08.png" loading="lazy"></p>
<h2 id="第3关"><a href="#第3关" class="headerlink" title="第3关"></a>第3关</h2><p>  本关第一次使用cd指令，进入本关后先看到一个文件夹inhere，用cd进入文件夹后发现里面什么也没有，因为密码一定在这里面，所以应该是隐藏文件，使用ls -alt显示包括隐藏文件在内的所有文件以及详细信息，发现了密码。<br><img src="https://ftp.bmp.ovh/imgs/2021/01/b0d41fd61a1fc532.png" loading="lazy"></p>
<h2 id="第4关"><a href="#第4关" class="headerlink" title="第4关"></a>第4关</h2><p>  本关的文件很多，通过题目我们可以知道，密码在人类可读的文件中，这时候需要<code>file ./*</code>命令，这个命令的意思是查看当前目录下文件的格式，输入后得知只有一个文件是ASCII text类型，其他文件为data类型，打开该文件即获得密码<br><img src="https://ftp.bmp.ovh/imgs/2021/01/f96124c3f796a58e.png" loading="lazy"></p>
<h2 id="第5关"><a href="#第5关" class="headerlink" title="第5关"></a>第5关</h2><p>  本关的文件更多，如果一个一个地找不仅费时而且费力，于是应当使用find指令，直接锁定目标文件，由网站我们可知这个文件人类可读，大小为1033字节，不可执行，那么使用如下指令寻找符合条件的文件<br><code>find -type f -size 1033c</code>其中-type f表示只查找普通文件，-size 1033c表示大小为1033字节（后缀c表示以字节为单位），通过查询，找到符合的文件获得密码。当然，就本题而言，仅仅限定大小也可以找出答案<br><img src="https://ftp.bmp.ovh/imgs/2021/01/8e37314473c5c2c9.png" loading="lazy"></p>
<h2 id="第6关"><a href="#第6关" class="headerlink" title="第6关"></a>第6关</h2><p>  本关告诉我们，密码在服务器的某一个位置，属于bandit7用户、属于bandit6组，大小33字节，这时候需要继续用find指令了，不过尴尬的是我把参数弄错了，应该用-user找用户，但是我用了-name，所以一直没有找到目标文件。  在这个命令中-group是查询组，-name是查询文件名，-user是查询用户，-size是大小，2&gt;/dev/null是把错误输出重定向丢弃，从而不显示没有权限访问的目录产生的报错<br><img src="https://ftp.bmp.ovh/imgs/2021/01/4ef71a6d03d3d553.png" loading="lazy"></p>
<h2 id="第7关"><a href="#第7关" class="headerlink" title="第7关"></a>第7关</h2><p>  本关很简单，告诉我们密码在data.txt中紧挨着millionth，输入命令<br><code>cat data.txt | grep millionth</code>这个指令的意思是读出data.txt的内容并且只保留包含millionth的行<br><img src="https://ftp.bmp.ovh/imgs/2021/01/316d3bd7abe1f9ac.png" loading="lazy"></p>
<h2 id="第8关"><a href="#第8关" class="headerlink" title="第8关"></a>第8关</h2><p>  本关密码是data.txt中只出现一遍的那行文本，那么可以使用uniq指令，结果直接用就懵逼了，大部分行都显示只出现了一遍。原因是uniq只会合并相邻的重复行，所以应该先用sort排序，再用uniq，即<code>sort data.txt | uniq -c</code>，计数为1的那一行就是答案<br><img src="https://ftp.bmp.ovh/imgs/2020/11/c16320590b984221.png" loading="lazy"><br><img src="https://ftp.bmp.ovh/imgs/2020/11/70dcb8c0246619da.png" loading="lazy"></p>
<h2 id="第9关"><a href="#第9关" class="headerlink" title="第9关"></a>第9关</h2><p>  本关密码在data.txt中并且前面有=，一开始我的想法是<code>cat data.txt | grep =</code>但是提示了<code>binary file（standard input）matches</code>，也就是说data.txt里混有二进制数据，grep只报告有匹配而不打印匹配的行，这个方法行不通了。既然不能直接用grep筛选出来，我就先用strings提取其中的可打印字符串再筛选，即<code>strings data.txt | grep =</code>，结果输出了有限几行，中间有一行很明显看到了密码。关于<a target="_blank" rel="noopener" href="https://man.linuxde.net/strings">strings</a>的资料<br><img src="https://ftp.bmp.ovh/imgs/2020/11/280bc15287960366.png" loading="lazy"></p>
<h2 id="第10关"><a href="#第10关" class="headerlink" title="第10关"></a>第10关</h2><p>  本关要求我们进行base64解码（base64只是一种编码方式，并不是加密），使用<code>cat data.txt|base64 -d</code>解决<br><img src="https://ftp.bmp.ovh/imgs/2021/04/1ec10866da2fa4ad.png" loading="lazy"></p>
<h2 id="第11关"><a href="#第11关" class="headerlink" title="第11关"></a>第11关</h2><p>  本关要求我们进行凯撒解密，可以使用<a target="_blank" rel="noopener" href="https://www.runoob.com/linux/linux-comm-tr.html">tr命令</a><br><img src="https://ftp.bmp.ovh/imgs/2021/04/33d15cc87defa885.png" loading="lazy"></p>
<h2 id="第12关"><a href="#第12关" class="headerlink" title="第12关"></a>第12关</h2><p>  这关简直是最无语的一关了，反复的解压缩<br><img src="https://ftp.bmp.ovh/imgs/2021/04/b7409a285819a695.png" loading="lazy"><br><img src="https://ftp.bmp.ovh/imgs/2021/04/22f5b5a41744817d.png" loading="lazy"><br>这关唯一要注意的就是先用<code>xxd -r&gt;1.bin</code> 把16进制转储还原成二进制文件，剩下的就是无休止的解压缩了</p>
<h2 id="第13关"><a href="#第13关" class="headerlink" title="第13关"></a>第13关</h2><p>  这关考察的是私钥连接，使用给出的私钥连接到bandit14，再从bandit14处获取13的密码<br><img src="https://ftp.bmp.ovh/imgs/2021/04/f440305628be8998.png" loading="lazy"><br><img src="https://ftp.bmp.ovh/imgs/2021/04/31acdb0e87bb286c.png" loading="lazy"></p>
<h2 id="第14关"><a href="#第14关" class="headerlink" title="第14关"></a>第14关</h2><p>  本关要求将本关密码提交到本地的30000端口，使用<code>telnet</code>命令,提交后可获得下一关密码<br><img src="https://ftp.bmp.ovh/imgs/2021/04/0655fde578c9b9e4.png" loading="lazy"></p>
<h2 id="第15关"><a href="#第15关" class="headerlink" title="第15关"></a>第15关</h2><p>  本关要求通过使用 SSL 加密将当前级别的密码提交到本地主机（localhost）的 30001 端口，可以使用openssl命令执行，由于我也没见过这个命令，参考了一下其他博主的wp，了解了一下用法，先输入<code>openssl s_client -connect localhost:30001</code>，然后传入本关的密码，获取下一关密码<br><img src="https://ftp.bmp.ovh/imgs/2021/04/d66924098445abdb.png" loading="lazy"></p>
<h2 id="第16关"><a href="#第16关" class="headerlink" title="第16关"></a>第16关</h2><p><img src="https://ftp.bmp.ovh/imgs/2021/04/f6f4e3c025e2383d.png" loading="lazy"><br><img src="https://ftp.bmp.ovh/imgs/2021/04/8ba899cc5955dec4.png" loading="lazy"><br><img src="https://ftp.bmp.ovh/imgs/2021/04/26c96c75dfe6cdd5.png" loading="lazy"><br> 这关着实费了我好大的劲，主要问题在于，得到密钥后我登录不进去第17关，看别人的wp也没找到方法，就感觉挺纳闷的，最后我发现……权限不对：私钥文件如果能被其他用户读取，ssh会拒绝使用它，<code>chmod 700</code>后就可以了（只保留属主读写的600同样可行），进入17关后16关密码在/etc/bandit_pass/bandit17中</p>
<h2 id="第17关"><a href="#第17关" class="headerlink" title="第17关"></a>第17关</h2><p><img src="https://ftp.bmp.ovh/imgs/2021/04/1e2e39a93c9b0c94.png" loading="lazy"><br>这关很简单，就是diff命令的使用，diff加两个文件名得到下一关密码</p>
<h2 id="第18关"><a href="#第18关" class="headerlink" title="第18关"></a>第18关</h2><p><img src="https://ftp.bmp.ovh/imgs/2021/04/150312296a84f6c0.png" loading="lazy"><br>这关被拒绝ssh访问了，但是可以在ssh命令后面直接跟指令，两个指令一起被返回来得到下关密码</p>
<h2 id="第19关"><a href="#第19关" class="headerlink" title="第19关"></a>第19关</h2><p><img src="https://ftp.bmp.ovh/imgs/2021/04/d0e3de33821d3a0e.png" loading="lazy"><br>这题不太理解是什么意思，单独使用<code>./bandit20-do</code>是没有权限的，但是后面加上cat命令后反而可以执行了。推测bandit20-do是一个setuid程序，会以bandit20的身份执行跟在后面的命令，所以通过它执行cat才能读到原本没有权限读取的密码文件  </p>
<h2 id="第20关"><a href="#第20关" class="headerlink" title="第20关"></a>第20关</h2><p><a target="_blank" rel="noopener" href="https://imgtu.com/i/59fiX6"><img src="https://z3.ax1x.com/2021/10/08/59fiX6.png" alt="59fiX6.png" loading="lazy"></a><br><a target="_blank" rel="noopener" href="https://imgtu.com/i/59fknK"><img src="https://z3.ax1x.com/2021/10/08/59fknK.png" alt="59fknK.png" loading="lazy"></a><br>文件有说明在得到本关密码后会返回下一关密码，所以可以使用nc进行监听，并且传入本关密码，与此同时再打开一个ssh连接，在新打开的连接中执行原文件+刚才nc监听的端口号，得到下一关密码  </p>
<h2 id="第21关"><a href="#第21关" class="headerlink" title="第21关"></a>第21关</h2></div><div id="reward-container"><span class="hty-icon-button button-glow" id="reward-button" title="打赏" onclick="var qr = document.getElementById(&quot;qr&quot;); qr.style.display = (qr.style.display === &quot;none&quot;) ? &quot;block&quot; : &quot;none&quot;;"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-hand-coin-line"></use></svg></span><div id="reward-comment">如果你认为本篇博客帮助到了你，你可以请我喝个可乐</div><div id="qr" style="display:none;"><div style="display:inline-block"><a href="/images/zhifubao.png"><img loading="lazy" src="/images/zhifubao.png" alt="支付宝" title="支付宝"></a><div><span style="color:#00A3EE"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-alipay-line"></use></svg></span></div></div><div style="display:inline-block"><a href="/images/qq.png"><img loading="lazy" src="/images/qq.png" alt="QQ 支付" title="QQ 支付"></a><div><span style="color:#12B7F5"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-qq-line"></use></svg></span></div></div><div style="display:inline-block"><a href="/images/wechat.png"><img loading="lazy" src="/images/wechat.png" alt="微信支付" title="微信支付"></a><div><span style="color:#2DC100"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-wechat-pay-line"></use></svg></span></div></div></div></div><ul class="post-copyright"><li class="post-copyright-author"><strong>本文作者：</strong>呆航</li><li class="post-copyright-link"><strong>本文链接：</strong><a href="http://lqh827821562.gitee.io/bandit%E9%97%AF%E5%85%B3%E8%AE%B0%E5%BD%95/" title="bandit闯关记录">http://lqh827821562.gitee.io/bandit%E9%97%AF%E5%85%B3%E8%AE%B0%E5%BD%95/</a></li><li class="post-copyright-license"><strong>版权声明：</strong>本博客所有文章除特别声明外，均默认采用 <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/deed.zh" target="_blank" rel="noopener" title="CC BY-NC-SA 4.0 "><svg class="icon"><use xlink:href="#icon-creative-commons-line"></use></svg><svg class="icon"><use 
xlink:href="#icon-creative-commons-by-line"></use></svg><svg class="icon"><use xlink:href="#icon-creative-commons-nc-line"></use></svg><svg class="icon"><use xlink:href="#icon-creative-commons-sa-line"></use></svg></a> 许可协议。</li></ul></section></article><div class="post-nav"><div class="post-nav-item"><a class="post-nav-prev" href="/%E7%BB%83%E4%B9%A0%E8%B5%9Bwp/" rel="prev" title="练习赛wp"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-arrow-left-s-line"></use></svg><span class="post-nav-text">练习赛wp</span></a></div><div class="post-nav-item"><a class="post-nav-next" href="/The-Riddle%E8%B0%9C%E9%A2%98%E9%83%A8%E5%88%86wp/" rel="next" title="The Riddle谜题部分wp"><span class="post-nav-text">The Riddle谜题部分wp</span><svg class="icon" aria-hidden="true"><use xlink:href="#icon-arrow-right-s-line"></use></svg></a></div></div></div><div class="hty-card" id="comment"><div id="valine-container"></div><script>Yun.utils.getScript("https://cdn.jsdelivr.net/npm/valine@latest/dist/Valine.min.js", () => {
}, window.Valine);</script></div></main><footer class="sidebar-translate" id="footer"><div class="copyright"><span>&copy; 2019 – 2022 </span><span class="with-love" id="animate"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-cloud-line"></use></svg></span><span class="author"> 呆航</span></div><div class="powered"><span>由 <a href="https://hexo.io" target="_blank" rel="noopener">Hexo</a> 驱动 v5.2.0</span><span class="footer-separator">|</span><span>主题 - <a rel="noopener" href="https://github.com/YunYouJun/hexo-theme-yun" target="_blank"><span>Yun</span></a> v1.7.0</span></div><div class="live_time"><span>本博客已萌萌哒地运行</span><span id="display_live_time"></span><span class="moe-text">(●'◡'●)</span><script>function blog_live_time() {
}
blog_live_time();
</script></div><div id="busuanzi"><span id="busuanzi_container_site_uv" title="总访客量"><span><svg class="icon" aria-hidden="true"><use xlink:href="#icon-user-line"></use></svg></span><span id="busuanzi_value_site_uv"></span></span><span class="footer-separator">|</span><span id="busuanzi_container_site_pv" title="总访问量"><span><svg class="icon" aria-hidden="true"><use xlink:href="#icon-eye-line"></use></svg></span><span id="busuanzi_value_site_pv"></span></span><script async src="https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script></div></footer><a class="hty-icon-button" id="back-to-top" aria-label="back-to-top" href="#"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-arrow-up-s-line"></use></svg><svg class="progress-circle-container" viewBox="0 0 100 100"><circle class="progress-circle" id="progressCircle" cx="50" cy="50" r="48" fill="none" stroke="#0078E7" stroke-width="2" stroke-linecap="round"></circle></svg></a><a class="popup-trigger hty-icon-button icon-search" id="search" href="javascript:;" title="搜索"><span class="site-state-item-icon"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-search-line"></use></svg></span></a><script>window.addEventListener("DOMContentLoaded", () => {
});
</script><script defer src="https://cdn.jsdelivr.net/npm/algoliasearch@4/dist/algoliasearch-lite.umd.js"></script><script defer src="https://cdn.jsdelivr.net/npm/instantsearch.js@4/dist/instantsearch.production.min.js"></script><script defer src="/js/search/algolia-search.js"></script><div class="popup search-popup"><div class="search-header"><span class="popup-btn-close close-icon hty-icon-button"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-close-line"></use></svg></span></div><div class="search-input-container"></div><div class="algolia-results"><div id="algolia-stats"></div><div id="algolia-hits"></div><div class="algolia-pagination" id="algolia-pagination"></div></div></div></div></body></html>